The threat group TAG-150, which researchers associate with the development of the CastleLoader malware, has expanded its arsenal with a new remote access trojan (RAT) known as CastleRAT. The discovery was reported by Recorded...
Low-profile droppers, long considered auxiliary tools in the arsenals of Android banking trojans and RATs, are undergoing a rapid and troubling transformation. According to ThreatFabric researchers, these once secondary instruments are now being actively...
Researchers at Socket have uncovered a malicious npm package named nodejs-smtp, masquerading as the widely used nodemailer library (which averages 3.9 million weekly downloads). In reality, the package serves as a tool for covert...
Experts at Truesec have reported a large-scale malicious campaign in which attackers promoted a fake PDF-editing application, AppSuite PDF Editor, through Google Ads. Beneath its veneer of legitimacy lurked the TamperedChef infostealer, capable of...
Researchers at Kaspersky Lab have reported the resurgence of ransomware operations by the group OldGremlin, which has once again begun targeting Russian companies. In the first half of 2025, eight major enterprises were compromised,...
The NPM ecosystem has been struck by a new supply chain attack, this time targeting the Nx project, into whose repository several malicious package versions were uploaded late Tuesday evening. According to researchers at...
ESET specialists have reported the first documented case of ransomware in which artificial intelligence plays a central role. The newly discovered strain, named PromptLock, is written in Go and leverages OpenAI’s local gpt-oss:20b model...
In early August 2025, specialists at Fortinet FortiGuard Labs detected a large-scale phishing campaign distributing the UpCrypter loader through counterfeit emails purporting to contain voicemail notifications or order confirmations. The attackers crafted highly convincing...
The Android mobile ecosystem has been struck by a new wave of threats driven by the evolution of the HOOK banking trojan. The latest iteration of this malicious program has gained an expanded arsenal...
Researchers at Zscaler ThreatLabz have released a new report on the evolution of the banking trojan Anatsa (also known as TeaBot), first discovered in 2020. This malware targets Android devices and is designed to...
A new macOS trojan, emerging on the dark web under the name Mac.c, is rapidly gaining popularity and beginning to compete with one of the underground market’s most notorious threats, AMOS. Analysts at Moonlock...
A large-scale campaign compromising WordPress websites has been uncovered, tied to the evolution of the Help TDS system and the malicious plugin woocommerce_inputs. According to research from GoDaddy Security, between late 2024 and June...
